It’s that time of year, when PCI Compliance evolves and we all await the inevitable PCI DSS changes. PCI SSC has released PCI DSS version 3.2, which represents a major turning point for the 10-year-old Payment Card Industry Data Security Standard. The major turning point? That [read more]

The payments industry is littered with acronyms. Sometimes, I think people in the industry do it intentionally to make it more complicated than it already is – but I digress, let’s get to it and answer the question everyone is asking, “What is PCI Compliance?” PCI [read more]

What is a P2PE Instruction Manual (PIM)? The P2PE Instruction Manual, also known in the PCI community as the PIM, is a guideline document that PCI Validated P2PE solution providers are required to provide to merchants who have opted into their solution. The purpose of the [read more]

In 2012, the PCI Council released a standard for point-to-point encryption, known as PCI Validated P2PE or PCI P2PE, due to the increasing number of “security” solutions in the market. Most providers were claiming that their security solution, usually P2PE or E2EE with a splash [read more]

After 2014, the “Year of the Data Breach,” media outlets and so-called payments experts were adamant that chip card security, also known as EMV, would solve the security issues surrounding the payments industry. Although chip cards are a step in the right direction, EMV is only [read more]

PCI Blog is the “unofficial” PCI blog for PCI compliance, IT Compliance and the payments industry. Our site is run by an industry compliance expert, and remains a wholly independent source of news within the payments industry, focusing specifically on the ever-changing responsibilities of merchants [read more]